don't count session_requests when SESSIONS_RATE_LIMIT is not set

config.js

@@ -54,7 +54,7 @@ var config = {
     log_time: process.env.LOG_TIME === "true",
     // rate limit per second for outgoing requests to the Mojang session server
     // requests exceeding this limit are skipped and considered failed
-    sessions_rate_limit: parseInt(process.env.SESSIONS_RATE_LIMIT) || Infinity
+    sessions_rate_limit: parseInt(process.env.SESSIONS_RATE_LIMIT)
   },
   sponsor: {
     sidebar: process.env.SPONSOR_SIDE,

lib/helpers.js

@@ -243,7 +243,7 @@ exp.get_image_hash = function(rid, userId, type, callback) {
             // an error occured, but we have a cached hash
             // (e.g. Mojang servers not reachable, using outdated hash)
 
-            // when hitting the rate limit, let's pretend the request succeeded and bump the TTL
+            // bump the TTL after hitting the rate limit
             var ratelimited = store_err.code === "RATELIMIT";
             cache.update_timestamp(rid, userId, !ratelimited, function(err2) {
               callback(err2 || store_err, 4, cache_details && cached_hash, slim);

lib/networking.js

@@ -23,7 +23,7 @@ function req_count() {
   }
 }
 
-// deletes all entries in session_requests older than a second
+// deletes all entries in session_requests, should be called every 1000ms
 exp.resetCounter = function() {
   var count = req_count();
   if (count) {
@@ -41,10 +41,10 @@ exp.resetCounter = function() {
 // callback: the body, response,
 // and error buffer. get_from helper method is available
 exp.get_from_options = function(rid, url, options, callback) {
-  var session_req = url.startsWith(session_url);
+  var is_session_req = config.sessions_rate_limit && url.startsWith(session_url);
 
   // This is to prevent being blocked by CloudFront for exceeding the rate limit
-  if (session_req && req_count() >= config.server.sessions_rate_limit) {
+  if (is_session_req && req_count() >= config.server.sessions_rate_limit) {
     var e = new Error("Skipped, rate limit exceeded");
     e.name = "HTTP";
     e.code = "RATELIMIT";
@@ -54,7 +54,7 @@ exp.get_from_options = function(rid, url, options, callback) {
 
     callback(null, response, e);
   } else {
-    session_req && session_requests.push(Date.now());
+    is_session_req && session_requests.push(Date.now());
     request.get({
       url: url,
       headers: {